Mail Routing Problems
Posted: Tue Aug 30, 2005 12:07 pm
I hope I can clearly and simply explain our architecture so that my question will make sense.
3 Servers on the Internal Lan:
pbco-server1.pbco.ca
pbco-server2.pbco.ca (Scalix Server which receives all mail to the pbco.ca domain, via fetchmail as the domain is hosted externally)
pbco-server4.pbco.ca
1 gateway/relay/web server on the DMZ:
pbco-server3.pbco.ca (running mailscanner, mailwatch and SWA)
There are firewall rules to allow pbco-server3 to connect to ports 25, 143 and 389 and so remote SWA on the externally visible pbco-server3, works and connects to the internal Scalix server on pbco-server2.
All outgoing mail, including from Scalix, is routed through pbco-server3 on the DMZ running mailwatch and mailscanner.
So far so good.
All 3 linux servers have aliases for the root account so that system messages will go to jstork@pbco.ca. All three servers have a user account with the same uid as my Scalix id, jstork. The Scalix server on pbco-server2 works fine and any messages going to root@pbco-server2.pbco.ca, aliased to jstork@pbco.ca goes correctly to my Scalix account.
pbco-server4 routes all outgoing mail through pbco-server2 (Scalix) and so any mail sent from pbco-server4, to an existing Scalix account (jstork@pbco.ca), goes correctly to my Scalix account.
THE PROBLEM, is with pbco-server3 (the gateway and mailscanner server which all outgoing mail routes through) which also has a local user account, jstork. Mail sent to jstork@pbco.ca ends up trying to go to the external mail server for our domain, pbco.ca and returns an erro message that the user does not exist? Even though the user jstork@pbco.ca DOES exist. I think this is due to the sendmail checking the domain/host of the sender so if sent from the nobody@pbco-server3.pbco.ca account, it will not find this in DNS.
What I need is for the sendmail/mailscanner server on the gateway, pbco-server3.pbco.ca to send all mail to any pbco.ca address, to the actual Scalix server on the LAN?
Any ideas how I can do this?
Below is the maillog for a message sent from the nobody@pbco-server3.pbco.ca account on server3, to jstork@pbco.ca.
Aug 30 08:52:32 pbco-server3 sendmail[31423]: j7UFqCO8031423: to=<jstork@pbco.ca>, delay=00:00:00, mailer=esmtp, pri=30531, stat=queued
Aug 30 08:52:32 pbco-server3 sendmail[31397]: j7UFppDK031397: to=jstork@pbco.ca, ctladdr=nobody@pbco-server3.pbco.ca (99/99), delay=00:00:41, xdelay=00:00:20, mailer=relay, pri=30358, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (j7UFqCO8031423 Message accepted for delivery)
Aug 30 08:53:35 pbco-server3 sendmail[31459]: STARTTLS=client, relay=pbco.ca., version=TLSv1/SSLv3, verify=FAIL, cipher=AES256-SHA, bits=256/256
Aug 30 08:53:36 pbco-server3 sendmail[31459]: j7UFqCO8031423: to=<jstork@pbco.ca>, ctladdr=<nobody@pbco-server3.pbco.ca> (99/99), delay=00:01:04, xdelay=00:00:19, mailer=esmtp, pri=120531, relay=pbco.ca. [216.7.189.216], dsn=5.1.1, stat=User unknown
Aug 30 08:53:36 pbco-server3 sendmail[31459]: j7UFqCO8031423: j7UFqsgR031459: DSN: User unknown
3 Servers on the Internal Lan:
pbco-server1.pbco.ca
pbco-server2.pbco.ca (Scalix Server which receives all mail to the pbco.ca domain, via fetchmail as the domain is hosted externally)
pbco-server4.pbco.ca
1 gateway/relay/web server on the DMZ:
pbco-server3.pbco.ca (running mailscanner, mailwatch and SWA)
There are firewall rules to allow pbco-server3 to connect to ports 25, 143 and 389 and so remote SWA on the externally visible pbco-server3, works and connects to the internal Scalix server on pbco-server2.
All outgoing mail, including from Scalix, is routed through pbco-server3 on the DMZ running mailwatch and mailscanner.
So far so good.
All 3 linux servers have aliases for the root account so that system messages will go to jstork@pbco.ca. All three servers have a user account with the same uid as my Scalix id, jstork. The Scalix server on pbco-server2 works fine and any messages going to root@pbco-server2.pbco.ca, aliased to jstork@pbco.ca goes correctly to my Scalix account.
pbco-server4 routes all outgoing mail through pbco-server2 (Scalix) and so any mail sent from pbco-server4, to an existing Scalix account (jstork@pbco.ca), goes correctly to my Scalix account.
THE PROBLEM, is with pbco-server3 (the gateway and mailscanner server which all outgoing mail routes through) which also has a local user account, jstork. Mail sent to jstork@pbco.ca ends up trying to go to the external mail server for our domain, pbco.ca and returns an erro message that the user does not exist? Even though the user jstork@pbco.ca DOES exist. I think this is due to the sendmail checking the domain/host of the sender so if sent from the nobody@pbco-server3.pbco.ca account, it will not find this in DNS.
What I need is for the sendmail/mailscanner server on the gateway, pbco-server3.pbco.ca to send all mail to any pbco.ca address, to the actual Scalix server on the LAN?
Any ideas how I can do this?
Below is the maillog for a message sent from the nobody@pbco-server3.pbco.ca account on server3, to jstork@pbco.ca.
Aug 30 08:52:32 pbco-server3 sendmail[31423]: j7UFqCO8031423: to=<jstork@pbco.ca>, delay=00:00:00, mailer=esmtp, pri=30531, stat=queued
Aug 30 08:52:32 pbco-server3 sendmail[31397]: j7UFppDK031397: to=jstork@pbco.ca, ctladdr=nobody@pbco-server3.pbco.ca (99/99), delay=00:00:41, xdelay=00:00:20, mailer=relay, pri=30358, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (j7UFqCO8031423 Message accepted for delivery)
Aug 30 08:53:35 pbco-server3 sendmail[31459]: STARTTLS=client, relay=pbco.ca., version=TLSv1/SSLv3, verify=FAIL, cipher=AES256-SHA, bits=256/256
Aug 30 08:53:36 pbco-server3 sendmail[31459]: j7UFqCO8031423: to=<jstork@pbco.ca>, ctladdr=<nobody@pbco-server3.pbco.ca> (99/99), delay=00:01:04, xdelay=00:00:19, mailer=esmtp, pri=120531, relay=pbco.ca. [216.7.189.216], dsn=5.1.1, stat=User unknown
Aug 30 08:53:36 pbco-server3 sendmail[31459]: j7UFqCO8031423: j7UFqsgR031459: DSN: User unknown